On September 30th 2020 during VMworld 2020, Runecast released Runecast-Analyzer 4.5.
New Features
- Kubernetes Integration
- Custom Profiles
- GDPR compliance for AWS
the Sky is the Limit
On September 30th 2020 during VMworld 2020, Runecast released Runecast-Analyzer 4.5.
Ransomware currently represents one of the most prominent threats to IT infrastructures. Reports of successful attacks are accumulating, the attacks are getting closer. More than 30% of all companies, institutes, universities or public authorities in Germany have already dealt with such attacks. In some cases, a ransom was paid to get access to their own data again.
Even with payment, success is never certain. After all, one negotiates with criminals. Authorities therefore advise against payment.
The essential protective measure against the consequences of such an attack is an up-to-date and consistent backup.
Unfortunately, attackers also know about the importance of backups. The currently circulating malware, such as Emotet or Ryuk, contain code that actively searches for backups on the net. Using previously obtained access data for Active Directory accounts or by attacking via RDP exploits or using the brand-new Zerologon exploit an attempt could be made to take over the systems that operate the data backup in the company or hold the backup data.
The automatic attack is often followed by hackers in the flesh who actively browse the net and try to destroy all backups. This is often an easy task, since backups today are preferably held on hard disk systems, permanently connected to the infrastructure.
The reason is obvious: If all backups are deleted or also encrypted, the compliance of the “customer” to pay his ransom increases by far.
Many approaches have therefore already been conceived to store the backup data out of reach of an attacker. A very simple and secure variant is an Air-Gap – a physical separation of the backup media from the system. For example, LTO tapes can be physically removed from the library.
Without this kind of time-consuming manual extraction – which would also have to be performed daily – the data remains latently vulnerable. It doesn’t matter whether it is stored on disk systems, dedup appliances, tapes in a library or even in an S3 cloud repository.
S3 cloud providers have therefore proposed an API extension called “Immutability” some time ago. With this, at least the backups in the cloud layer can be made immune to changes for a certain time.
Some of these solutions are natively supported by Veeam. Amazon AWS is one of them. Microsoft Azure is currently still missing. Furthermore S3 memory is not suitable for every application. A primary backup with Veeam on S3 is for example not directly possible. The S3 layer is only available as an extension of a scale-out backup repository.
Continue reading “ExaGrid Time-Lock – Who’s (still) afraid of ransomware?”Runecast will respond to COVID-19 crisis by offering free licenses to healthcare institutions and companies with VMware Horizon.
Helping companies to protect employees by letting them work from home and thus slowing down the rate of new infections is an important step in the battle against SARS-CoV-2.
Running an Horizon infrastructure in these days is a challenge for any IT team when the workloads shift from on premises to remote access. It is also vitally important to keep healthcare infrastructures up and running. Medical staff does a very good but demanding job these days aroud the globe. But they cannot do their job without IT infrastucture. Lives depend on that. So it’s a good initiative by Runecast to help making these infrastructures a bit safer.
I know a lot of people at Runecast and I’d like to express my personal thanks to everyone of them.
Not all heroes wear capes.
Work from your home office without any limitation.
Enable VMware Horizon scans now
Runecast Analyzer scans VMware infrastructures for known issues against the VMware-KB, checks hardware compatibility against HCL and compares current settings with VMware best-practice-guidelines and security baselines like DISA STIG, PCI DSS or HIPAA. The most recent version 3.1 now contains baselines from German Federal Office for Information Security (BSI). Germany is an important market for Runecast, so including BSI IT-Grundschutz (BSI IT-Baseline) was an important step to win new customers – especially in the public sector. One of the key selling points of Runecast in that market is its ability to work completely offline. No need to send any data into the cloud. You may update the appliance or get new signatures online, but you can also do this offline by mounting an ISO-image. Yes, Germany is special in that respect, but we had some…. issues.
To demonstrate all new features, Runecast will have a webinar on October 23rd 2019 at 10.00 am (CEST). Registration is free but priceless. Stanimir Markov (CEO) and Robert Berger will talk about BSI IT-Grundschutz Automation within Runecast Analyzer 3.1.
Continue reading “Runecast 3.1 with German BSI Grundschutz compliance monitoring”